Certified Chief Information Security Officer (CCISO) — Question 179
Which of the following BEST describes an international standard framework that is based on the security model Information Technology-Code of Practice for Information Security Management?
Answer options
- A. National Institute of Standards and Technology Special Publication SP 800-12
- B. Request for Comment 2196
- C. International Organization for Standardization 27001
- D. National Institute of Standards and Technology Special Publication SP 800-26
Correct answer: C
Explanation
The correct answer is C, as ISO 27001 is recognized internationally as a standard for information security management systems. Options A and D are NIST publications, which focus on different aspects of security but do not serve as a global standard framework. Option B, RFC 2196, provides guidelines for site security but is not a standard framework like ISO 27001.